Phishing

One out of four employees fall for phishing attacks

One out of four employees fall for phishing attacks

According to insights from our leading Phishing simulation tool PhishGuard, 58% of users in Saudi Arabia have opened at least one phishing email. These insights reveal that at least one out of four employees have interacted with a phishing email, either by clicking on a link or downloading a malicious attachment. In some cases, employees have gone further and submitted their personal information after clicking on the phishing link which had redirected them to a fake page. “Phishing is a quite common entry point for the most successful attacks. Attackers are getting smarter; they now monitor social media activities to ...

Read More
Uber Suffered a Security Breach Due to an 18-year-old Hacker

Uber Suffered a Security Breach Due to an 18-year-old Hacker

Uber recently experienced a cyberattack where an 18-year-old hacker accessed their systems by launching a successful social engineering attack on an employee. The hacker used stolen employee credentials to launch an MFA (Multi-Factor authentication) Fatigue attack. It is an attack where a victim receives multiple requests from their MFA application till it bothers them out leading them to eventually accept the request. The teenage attacker did not disclose how he was able to gain the Uber employee password.  After using the stolen credentials, he sent multiple MFA requests for over an hour to the employee and then messaged them impersonating ...

Read More
Current Trends in SMS Phishing (Smishing) Attacks | 2022  

Current Trends in SMS Phishing (Smishing) Attacks | 2022  

Did you know that there are 6.648 billion (83.72%) people worldwide who own a mobile phone and in Saudi Arabia alone, 97.5% of its society owns one? Also, did you know that the average time people spend on their phones is 3 hours and 43 minutes?    With most of the world connected to their mobile phones on a daily basis, this incited cyber criminals to level up their SMS phishing attacks.  It’s no wonder that the number of smishing attacks has increased in the last couple of years. In 2021, 74% of enterprises were targeted by smishing attacks, a 13% ...

Read More
The 6 Colors of Hacker Hats | Explained

The 6 Colors of Hacker Hats | Explained

When the word hacker or hacking is mentioned, a universal definition pops into mind. A hacker is known to be a cybercriminal who inflicts chaos on their victims by breaching, stealing, or damaging online systems and data. This is just one part of what the word hacking withholds. And contrary to popular belief, hacking is a broad and diversified category that is misunderstood.   The dependency on storing data electronically, as computers have taken over a large part of our life, results in the increased risk of data theft and becoming suspectable to hacking accidents. So, learning more about the ...

Read More
Insider Threats in Cyber Security

Insider Threats in Cyber Security

Organizations tend to only focus on setting cyber security measures for potential threats and intrusions made by external circumstances. Unfortunately, they undermine the possibilities of a trusted employee launching a cyber-attack against them. This negligence resulted in 34% of businesses being affected by an insider threat on a yearly basis. This cyber security risk does not only leave the organization vulnerable but is also viewed as an easy target for internal and external threats.   Whoever has authorized access to sensitive data, either it being an employee or a partner (which sometimes referred to as Third-party risk), is considered trusted and ...

Read More
Juice Jacking: The Threats of Public USB Charging Stations

Juice Jacking: The Threats of Public USB Charging Stations

A shared scenario between many is being in public with a dying mobile device, franticly looking for a charger. When coincidently you find a free charging station calling out your name. You find a solution, but have you ever thought about the risks of using these public charging stations?   The accessibility of these public USB charging stations is convenient but connecting your device to one can put you in a vulnerable position. With just plugging in your smartphone or laptop, you’re potentially opening up an opportunity for a threat actor to steal data or install malware all without your knowledge. This is known as Juice Jacking.   Unfortunately, many are unaware ...

Read More
Phishing Emails: Why do we Fall for them?

Phishing Emails: Why do we Fall for them?

Have you ever received an email wondering if it is legitimate or not, but then decide to click on it because the advertisement or the urgent warning catches your eye? Well, many have been in that situation with some consequently becoming victims to a phishing trap.   Around 96% of phishing attempts are deployed via email and 74% of organizations suffered from a successful phishing attack (Proofpoint state of the Phish report 2021). These numbers will continue to rise if we don’t educate ourselves on phishing emails.  Over time, cybercriminals are becoming more sophisticated and are in constant search of new ways to seamlessly trick their victims. Sometimes, even the ...

Read More
Recent Phishing Attacks in Saudi Arabia

Recent Phishing Attacks in Saudi Arabia

Since the beginning of 2020 due to COVID-19 people have been social distancing and staying indoors as much as possible. Due to that the use of the Internet, E-commerce sites, and E-government operations have increased immensely and so have the attempts at phishing attacks. His Excellency Dr. Khaled bin Abdullah Al-Sabti, Governor of the Cybersecurity Authority, spoke during the opening of the Global Cybersecurity Conference on April 7th, 2021, about the high increase in phishing sites by about 300% and the importance of being aware. Below (Figure A-1 & A-2) we can see two different examples of Smishing Attacks during ...

Read More
Phishing Emails & How to Spot them

Phishing Emails & How to Spot them

Cyber-attacks come in a variety of formats and with the advancement of technology it continues to improve. Phishing is a common type of cyber-attack used by cyber criminals, and according to Proofpoint’s threat report, 75% of organizations experienced a Phishing attack in 2020 (Proofpoint 2021 state of the Phish report). Cyber criminals found a higher success rate in achieving their goals thorough email phishing rather than any other approach. This is due to the lack of awareness and knowledge on how to identify legitimate emails from fake ones. There are many ways that could help organizations in decreasing the numbers ...

Read More
Latest Trends in Phishing and How to Protect Yourself Against Them

Latest Trends in Phishing and How to Protect Yourself Against Them

Phishing attacks are not something that has come up recently. Such attacks have been around since the mid 90s, however, overtime, they have become more sophisticated. To make things worse, did you know that 32% of confirmed data breaches involved phishing? (Verizon 2019 Data Breach Investigations Report) And 57% of the organizations report having experienced mobile phishing attacks! (Wandera’s 2020 Mobile Threat Landscape Report). Before moving on to the latest trends in phishing, let us define it. What is Phishing? Phishing is one of the easiest and most common types of cyber attacks used by criminals and among the easiest ...

Read More